Revision as of 17:49, 20 March 2007

There are "discussion" pages (also known as "talk" pages) associated with every article at OWASP. You can leave questions, comments, or ideas on these pages for other authors to review. These pages are a good place to propose ideas or discuss possible approaches to problems. You should "sign" your comments by adding four tilde characters (~~~~) after your comment. Thanks!

OWASP in Latin America?

Hi my name is Katia Guzman, and I am interested in knowing experiences in OWASP's use in latin america. If someone knows about some case, I will be grateful for it.

Please check out the Local Chapters
in latin america and contact the folks running them. OWASP 22:20, 22 July 2006 (EDT)

Application Security Students

I am Yogesh - student, I heard about OWASP's & intrested to go into application info security.As it is a vast field of expertize. Tell me how a studend with specialized MBA-IT background can fit in.

The best way to learn application security is by doing it. Check
out the OWASP student projects for some ideas. It's a great way
to learn. OWASP 22:20, 22 July 2006 (EDT)

What basic knowledge should I have before choosing "Threat Risk modeling" as my career. (Looking for detailed feedback ) Thank you

You need a basic knowledge of application security principles,
threats, attacks, vulnerabilities, and countermeasures. Check the
OWASP Honeycomb Project for the basic
information you need. You should also read about the process of threat modeling.
There are a few books on the subject, including "Threat Modeling" and
"Secure Development Lifecycle" from the Microsoft Press. Note - it's not yet
clear whether "Threat Risk modeling" is actually a career yet. There are clear
careers as an "application security architect" and "application security tester"
(including cod review).

Java Application Security

What are the specific thing which we need to keep in mind while programming in JAVA to make our code secure to all types of attack (--Rajnishk7 02:46, 24 June 2006 (EDT))